WASHINGTON -- U.S. Representatives Artur Davis (D-AL), Melissa Bean (D-IL), and Barney Frank (D-MA) recently introduced legislation that will provide tough consumer protections and enforcement against credit card fraud and identity theft.  The “Consumer Data Security and Notification Act of 2005,” will strengthen federal protections against improper collection and sale of sensitive consumer information and provide consumers with advance warning when their personal information is at risk.  In addition, the bill contains strong enforcement provisions to protect consumers from identity theft. 

“Congress needs to strengthen federal standards to provide more rigorous safeguards against the rising problem of identity theft.  This bill represents a commonsense approach that rewards the legitimate expectations of consumers and the financial service industry,” said Representative Artur Davis.

 “Congress needs to enact tough enforcement measures to protect consumers from identity theft,” said Congressman Frank, the Senior Democrat of the House Financial Services Committee.  “The recent high profile accounts of data security breaches and possible criminal activity by hackers make the case that Congress needs to act soon with strong enforcement and accountability.”

“Identity theft can be a horribly ironic nightmare for those who are financially responsible, live within their means and pay their bills on time – only to discover that a criminal has fraudulently used their identity to steal from them and destroy their credit rating for personal gain,” Bean said.

Recent high-profile data security breaches have undermined public confidence in the data security practices of many U.S. companies and exposed millions of consumers to potential fraud and identity theft.  The theft of thousands of consumer files from companies like MasterCard, Choice Point and LexisNexis illustrates how broadly our private information is being collected and sold without our knowledge or consent and how vulnerable these private databases are to both traditional and high-tech forms of theft.  Congressman Frank noted that even consumers who have kept tight control of the personal and financial information could still become victims of identity theft because companies that seek to profit from their personal information have inadequate security standards.

            The Consumer Data Security and Notification Act of 2005 would make the following changes to federal law to enhance data security and help consumers protect their private information:

• Regulation of Data Brokers:  Expands the Fair Credit Reporting Act (FCRA) to cover unregulated data brokers, such as ChoicePoint and LexisNexis, requiring them to operate by the same information sharing standards and consumer protections as consumer reporting agencies.

• New Data Security Standards:  Imposes similar data security obligations and standards on data brokers and consumer reporting agencies as the Gramm-Leach-Bliley Act requires of regulated financial institutions.

• Uniform Data Breach Notification:  Establishes uniform requirements for data brokers, consumer reporting agencies and financial institutions to notify consumers following a breach in any data system in which sensitive consumer information has been obtained by an unauthorized party and is likely to be misused.

• Notification by Merchants:  Imposes Greater responsibility on retail merchants to protect their customer’s payment account information by requiring that any business that routinely collects and maintains customer credit card, checking or other payment information must notify customers or their financial institutions when financial account information has been obtained and is likely to be misused by unauthorized parties.

-###-